Skip to content

Pin setup-python action to a commit hash - part 2#7493

Open
ShaharNaveh wants to merge 4 commits intoRustPython:mainfrom
ShaharNaveh:setup-python-pin-2
Open

Pin setup-python action to a commit hash - part 2#7493
ShaharNaveh wants to merge 4 commits intoRustPython:mainfrom
ShaharNaveh:setup-python-pin-2

Conversation

@ShaharNaveh
Copy link
Copy Markdown
Contributor

@ShaharNaveh ShaharNaveh commented Mar 24, 2026
edited by coderabbitai bot
Loading

extracted from #7491
Probably blocked until #7483 is merged

Summary by CodeRabbit

  • Chores
    • Pinned CI action references to exact commits in several workflow jobs to improve build stability and reproducibility.
    • Minor workflow formatting cleanup (added spacing) to improve readability of CI configuration.

@coderabbitai
Copy link
Copy Markdown
Contributor

coderabbitai bot commented Mar 24, 2026
edited
Loading

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: 2a702950-9b2d-4cce-9b03-4daf10990582

📥 Commits

Reviewing files that changed from the base of the PR and between d3f062e and 4f5dd83.

📒 Files selected for processing (1)
  • .github/workflows/cron-ci.yaml
✅ Files skipped from review due to trivial changes (1)
  • .github/workflows/cron-ci.yaml
📝 Walkthrough

Walkthrough

Pinned actions/setup-python to a specific commit SHA in multiple cron CI jobs and added blank-line formatting around those steps in the workflow YAML. No other workflow logic or step inputs were changed.

Changes

Cohort / File(s) Summary
Workflow Configuration
​.github/workflows/cron-ci.yaml		 Updated actions/setup-python ref from v6.2.0 to commit a309ff8b426b58ec0e2a45f0f869d46889d02405 (annotated # v6.2.0) in the codecov, whatsleft, and benchmark jobs; added surrounding blank lines for readability. No other inputs, commands, or job flow altered.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

Suggested labels

skip:ci

Suggested reviewers

  • youknowone
  • fanninpm
  • coolreader18

Poem

🐇 I hop through YAML, tidy and spry,
Pinning a hash so actions don't fly,
Blank lines tucked neat, each step in its place,
Cron hums along at a calm, steady pace.

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately describes the main change: pinning the setup-python action to a commit hash in the cron-ci workflow, which is part 2 of this work.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Mar 24, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/cron-ci.yaml:
- Around line 53-54: The YAML uses a block scalar for the codecov action's files
input which v5 expects as a comma-separated string; update the `files` input for
the Codecov step (the `files` key used with the codecov action invocation) to a
single-line, comma-separated value (e.g., "path/to/file1, path/to/file2")
instead of the multi-line block scalar so the action parses it correctly.
ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yml

Review profile: CHILL

Plan: Pro

Run ID: 2292b149-9795-47ff-b60e-505240d7053d

📥 Commits

Reviewing files that changed from the base of the PR and between 8c01615 and ae37379.

📒 Files selected for processing (2)
  • .github/workflows/cron-ci.yaml
  • .github/workflows/pr-format.yaml

@ShaharNaveh ShaharNaveh changed the title Pin setup-python action to a commit hash - part 2 Pin setup-python action to a commit hash - part 2 Mar 24, 2026
@youknowone
Copy link
Copy Markdown
Member

youknowone commented Mar 25, 2026

oh, please chcek the action lint

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@youknowone youknowone youknowone approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ShaharNaveh @youknowone